On Fri, May 17, 2019 at 9:09 AM Mauricio Tavares <raubvogel(a)gmail.com> wrote:
On Fri, May 17, 2019 at 8:24 AM Stephen Gallagher <sgallagh(a)redhat.com> wrote:
> 3) Force Anaconda to require the creation of a non-root user that is a
> member of the `wheel` group, so that this user can be used to SSH in
> and administer the system. Essentially, remove the root user creation
> spoke as an option from the interactive install.
That seems similar to the approach adopted by ubuntu and it has
worked. With that said, I do not see the difference between ssh'ing
using an user in the wheel group vs root as both can do the same. But
that is me. Being able to tell who sudo'ed, yes.
There are two big advantages here:
1) As you pointed out, you have the sudo log to inform you of which
user took the action.
2) It confounds automated attack scripts. Unless your admin user has a
well-known or easily-guessable name, automated attacks will probably
not know what user to try. 'root' is a big target at least in part
because it always exists.